(19) Japan Patent Office (JP) (12) Japanese Laid-opeK (1 1) PubMcatiors No, 2002-324219 
Patent Publication (A) 

(43) Pablication da!.e; November 8, 2002 



Fl Thesnc code (as a reference) 

G06K 17/00 S 2C005 

B42D 15/10 501L 5B058 

G06F 15/00 33QG 5B085 



Request for examinatioK: Not requested The nuRjber of claims; 7 OL (Total 6 pages) 



(2f) Application No.: 200M26416 
(22) Fillkig Date: April 24, 2001 


(71) Applicant: 


000002325 

Seiko Instniments Inc. 
SjNakase 1-chomc, Miliama-ku, 
Chiba-shi, Cluba, Japan 




(72) Inventor: 


Hitosh! TACHIBANA 
o/o Seiko Instrunients Inc. 
SjNatese l-chome, Msiiasna-tai, 
Chiba-shi, CMba, Japan 




(74) Agent: 


100096378 

Masaaki SAK-^iGAMi: 




F-term (as a reference): 2C005 11403 HB09 HB2 
jB33 LB32 LB36 

5B058 CA27 KA27 KA02KA04 KA33 YA02 
5B085 AE12 AE23 BA06 



(54) Title; CABD .AUTHENFICATION SYSTEM 



(57) Abstract: 

PROBLEM: To provide a card aufeejiti cation system tliat is able to prevent illsgal use by forgsjy 
to a liigh degree, 

SOLUnONlV'IEANS: A card authenticatiori system that is provided with b plurality of card 
autlienticgting.terminais 10 and a central data processir-.g center 20 connected to these card 
aisthentitating termiiiais via a public communications r^etwork 3D and Is abie to perform onsine 
aiithentication processing at the card authenticating terminals 10 by accessing host c&mputers 
of the respective card companies 51-53 onYms from the central, data processing center 20 via a 
card business cori-sprehensive network system 5Q; wherein it ha.? a usage. permitted/not 
permitted information storage apparatus 40 by which the users of the respective cards are 
3bie to switch the vaiidity/'invaiidity of said cards in advance, and the central data proce.-s.'jing 
center 20 performs online suthentication only for cards for which a usage permitted judgment 
has been made via the usage permitted/not permitted information storage apparatus 40. 
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CA.RD AUTI-iE>^TICATION SYSTEM 

CLAIMS 

Wlial is claimed is: 

1 . A card authentication, system that Is provided with a number of card autlienti eating 
tenninais and a central data processing center cotmected to these cai'd authenticating terminals 
via a pubhc coiniraani cations network ard that is made to perforra online autlientication 
processing at the card authenticating terminals by accessing host computers of &e respective 
cai-d companies online from the central data processing center via a card bysiness comprehensive 
netvs'ork system, comprising 

a usage pemiitted/not permitted information storage appaiatas by whicli the users of the 
respective cards are able to switch tiie validitj^/invaiidity of said cards in advaace, whereiu the 
cent-ai data processing center performs online a.utlientication only for cards for which a usage 
permitted judgment has been made via the usage pemiittedtoot pennitted information storage 
apparatus. 

2. A card anflientication system of claini 1 , whereiri tlie usage permitted/not permitted 
infonnation storage apparatus receives a card user's request for a change to usage permitted and 
validates usage for said card. 

3. A cai'd authentication system of claim. 2, whereiri after tlje usage permittsd/not pesmitted 
infbnnation storage apparatxis has received a. card user's request tor a change to usage permittsd 
and has vaHdated usage for said card, a change to usage not permitted is automatically made at a 
predetermined time, 

4. A card autbenticatipn system of any of claims 1 to 3, wherein characterized in tlrat the 
usage permitted/not pes-mitted irifoirnalion storage apparatiis- receives a card user's request to 
change to usage permitted via a user' s wireless commuiiications teraiinaJ. 
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5. A card authentication system of aiiy of claims 1 to 3, wlmn charactefized in tiiat tlie 
usage pemitted/not pemiitted information storage apparatus receives a card user's request for a 
change to usage permitted from a user's wireless commimi cations terniinai via tlie card, 
authenti eating teniii nal. 

6. A. ca-d autiieiitication system of any of claims 1 to 5, wherein characterized in that the 
usage peiTJiitted/not permitted mfoj-nmtion storage apparatds has data regarding the respective 
cards in advance a^d registers usage penTjitted/not permitted for the j-egistered cards. 

7. A card autlientication system of am of claims 1 to 5, wherein ttie.usage permitted/not 
pemiitted mformatton storage appara.tiis registers at any tiate only data for those of the respective 
cards that are usage permitted. 
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DETAILED DBSCRITION OF THE INVENTION 
TECHNICAL FIELD OF THE r N'VENTION 

[0001] The present invention relates to a caxd aisthsntication system that makes it possible for 
the actual uSei of a credit cai-d or a debit ca-d to set usage peraiilted/not permitted for said card to 
prevent illegal usage with, for example, usage only being permitted when used by the rightful 
cardholder. ' • 

PRIOR ART 

[0002] Conventional credit cards and debit cards are in principle always usage pennitted when 
a card is issued, except for cards for which usage has been made invalid, such as stolen cards, 
and cards fliat have exceeded tlie usage liniit amount md are such that, at the time of usage, 
usage is pennitted after the rightiijl cardJioldei's identity has been confinned, 
PROBLEMS T O BE SOLVED BY THE mVE:N TIQ N 

[0003] tlowever, there is no problem if reporting has been perion-ned immediately after theft 
or loss, but tiiere are cases in which time passes before a report is made, and illegal \iss caniiot be 
■prevented. In addition,. conventionally, there has been no protection at all against illegal usage by 
means of counterfeit cards. 

[0004] The present invention takes such circmnstgnces into account, and its purpose is to 
provide a card authentication system that is able to prevent illegal usage by forgery to a high 
degree. 

MEANS TQ S OL\'£ PROBLEMS' 

[OOOS] Tlie first mode of tlte present invention to resolve the problems is a card authentication 
system that is pro vided with a pluralitj' of card authenticating tenninals and a centi-al data 
processing center connected to these card auilienticating terminals via a public corosmnications 
network and is able to perform online authentication processing at the card autlienticating 
terminals by acces sing host computers of the respective card companies online from the central 
data processii-ig ceaiter via a card business comprehensive net-Vi'Drk system; wlierein it has a usage 
pemiitted/'not permitted information storage apparatiis by which the users of the respective cards 
are able to switch tlie validit>'/lnvalidity of said cards in advance, and the cental data processing 
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center performs online authentication only for cardis for which a usage permitted judgment has 
been made via said usage peiuiitted/not peraiitted information storage apparatus. 
|0006| The second mode of the present invention is a cai'd authentication system according to 
the first mode; characterized in that the usage perriiitted/not pemiitt.ed information storage 
apparatus reoeivea a card user's request for a change to usage, perraitted and validates usage for 
said cai'd. 

|0007] The third mode of the present itwention is a card authentication system according to the 
second mode; characterized in that, after tiie usage peonitted/not permitted infoDBation istorage 
apparatus has received a card user's request for a change to usage pennitted and has validated 
iiisage for said cai'd, a chasge to usage not permitted is automaticaliy made at a predetermined 
time. 

|0008] The fourth mode of tlie present invention is a card authentication system according to 
any of the first through thh-d modes; characterized in that the usage pei-niitted'not petmitted 
hifomiation storage apparatus receives a card user's request to change to usage permitted via a 
user's wireless commimicatiotjs terminal, 

[0009] Tlie fifth mode of tiie present invention is a card authentication system according to any 
of the first through third modes; characterized in tliat the usage permitted/not pennitted 
information storage apparatus receives a card user's request for a change to usage pennitted from 
a user's wireless communications temiinai via the card authenticating terminal, 
|0010| The sixth mode of the present invention is a card authentication system according to 
any of the first through, fiftti modes; characterized in that the usage peraaitted/'not penrutted 
information storage apparatus has' data regarding the respective cards in advance and registers 
usage pennitted/not pennitted for -tlie regi stered cas-ds. 

[0011] The seventli mode of tlie present invention is a cai'd authentication system according to 
any of the first through fifth modes; characterlEed in thai tlie usage permitted/not permitt.ed 
information storage apparatus registers, at any time, only data for those of the respective cards 
that are usage permitted. 

[0012] According to the relevant present invention, it is possible to provide a card 
authentication systejis that is able to prevent illegal usage due to forgery to a high degree. 
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EMBODIME NTS OF THE rNVT.NTION 

[0013] The present invention will be described below based on an embodimeRt 
[0014] An overall schematic configuration of mi embodinient of a credit card authentication 
system relating to the present invention is siiown in Fig. 1. As shown in Fig. 1, a plurality of card 
autirsntioating teiminals 10 are connected via a central data, processing center 20 and a wired or 
wireless public coiimmnications network 30, jmd the central data processing center 20 is 
connected to a usage permitted/not permitted infoimatjori storage apparatus 40 and a card 
bnsiiiess comprehensive networic system 50 via a leased line communications network. The card 
business comprehensive network 50 is typically C AFIS of the Cai-d [sic] NTT Data Corporation, 
arid it coTinects aptorality of card companies 51-53 sad financial institutions online. 
fOOlS] The card aufeenticating tenninal 10 has as its principal components a CPU 1 1 , which 
performs various computations and control, a ROM 12, in which programs are stored, a RAM 
13, which stores various data, a card reader 14, which is able to read the member information and 
the card ID of a credit cai-d requiring autlientication, aii inputyoutput means 15, which inputs 
information such as charges and payment methods, a display 16, which displays, for example, 
the auil-ienticationresulte, a printer 17, by whicii, for example, usage fees are printed out, and a 
tj-ansmitting and receiving apparatus 18, which is for conmecting with the public communications 
network 30, 

[0016] The centi-al data processing center 20 has as its principal components a, central 
processing apparatus 21, which performs various computations and contrDl, a program storage 
apparatus 22, in which programs have been stored, a data storage apparatus 23, which stores 
various data, and a transmitting and receiving apparatus 24, which is for cormectmg with the 
public conitnunications network 30 while connecting v,dth the card business comprehensive 
netft'prlc system 50. ■ ^ 

j0017] The usage permitted/not permitted infoniiation storage apparatus 40, as shown in Fig. 
2(a), comprises a central processing apparatus 4 1 , which performs various computations and 
control, a program storage apparatus 42, in. which prograsns are stored, a data storage apparatus 
43, which stores various data, a transiriitting and receiving appai-atus 44, which is for connectmg 
with the central data processing center 20, and an acceptance apparatus 45, which receives . 
information directly from a commuriications terminal 60 such as a portable telephone or aPHS, 
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and a usags peniiittedA-iot permitted infonnatioR database 46 is stored in tlie data storage 
apjwatus 43. 

|00iS| The usage permitted/not permitted information database 46, as shovm in Fig. 2(h), is a 
database in winch caj'd numbers and infonnation for access by s user, I'or example, tiie member 
name and password, are registered when, for example, issuing cai'ds such as credit cards, and 
also comprises infomiation such as whether or not the respective cards are valid or invalid. 
10019] Hers, the validity/im'aiidity information of the usage permitted/not pennitted 
information database 46 can be changed at aiiy time by the user. The method of changing by the 
user is not particularly limitedj but changes may be made via the web connected via a 
comnaunications terminal, changes may also be made by receiving mail from the 
communications terminal 60, or changes may also be made, by a voice instraction from a 
communications terminal, 

10020] In addition, changes to the validity/invaHdity as.-e such tiiat if there is a validation 
request, it is ma,de valid, and if tliere is aii invalidation request, it is made invalid, mid it is 
preferable that, after there has been a validation request, there be automatic invalidation after 
validation for prescribed period of time, for example, a short period of time such as 2 [min.], 3 
mln., 5 min. or 10 min., or for a prescribed period of time such as one day. This is to prevent 
illegal usage of counterfeit cards by validating only for the time that the user is engaged in usage. 
[0021 ] Note tliat it is preferable tiiat the acceptance apparatus 45 accept only validation 
requests from legitimate users and request prescribed passwords for access so tiiat illegal 
requests fi-oni illegal users are not accepted, and originating party notification of the 
conunmiications terminal may also be assigned a password. 

[9022] In order for a validation request to be performed easily by a user while preventing such 
illegal usage, for example, a card number, a password that has been registered m advance, and 
prescribed member infoiTnation may be transmitted along widi a validation request usmg a mail 
fanctlon of a commimications terminal. In addition, an application such as would be able to 
- perform prescribed encryption processing (one-way computation) may be stored in tlie 
communications terminal, tlie' result of having performed prescribed encryption processing using 
ti-ie member number of the card and an encryption key registered in advance may be used as a 
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passwordj and tills ma}' be transmitted along with prescribed member information and the 
validatiors request using mail functions, 

10023] In addition, the tiunibers of only valid cards may also be caused to be present m tlie 
usage permitted/not pennitted inforiTiation. database 46. Specifically, in the case in which the 
acceptaiice apparatus 45 registers only card loumbers accepted aiorsg with a validation request in 
tlie usags peiinitt.ed;'!iot peiTnitted information database 46, and the card number is present in the 
usage permitted/not permitted information database 46, tlie card is con.sidered to be valid. Note 
that, in this case, in order to prevent access by illegal tisers, it is necessary to ehminate iliegai 
registration by, for example, issuing a password such that there will be a prescribed resuh when 
prescribed encryption proce.ssing has been performed at tlie time of card issuance, for exatnple, a 
password such that zero always results when a prescribed calculation, is perfoiTned, and making it 
so tiiat only card numbers that have been transmitted along with such a password are registered. 
[0024] In tlie card autiieiitication system described above, in the case in which a caxd is to be 
u.5ed, it is necessary for the user to transmit a validation, request to the acceptance apparatus 45 of 
the usage periBitted/not permitted infoniiation storage apparatus 40 via a comjiuuiications 
tennirial such as a portable telephone in advaiice and preferably immediately prior to usage. 
Afier tliat, tliat user receives a check as to whetiier or not usa,ge is possible by means of a card 
authenticating terminal 10 that is inst.alled at a store or service counter. Specifically, as shown in 
Fig, 3, the card authenticating terminal 10 reads member information and a card number using 
Hie card reader 14 (step SI 1). This is transmitted to the central data processing center 20 from tlie 
transmitting and receiving apparatus 18 via the public communications network 30 (step S12). 
When the central data processing center 20 receives the card infomati on requiring 
authentication, ifmalces a request to tiie usage permitted'not permitted information storage 
a,pparatus 40 as to whether or not usage of said card is peiiriitted and wa,itg for reception of the 
usage permitted''not penrntted decision result (step S 1 3). A j udgment is made as to whether or 
not usage of said card is permitted according to the u.sage peimitted'hot pennitted decision result 
(step SI 4), and in the case in which usage is not permitted (step SI 4, No), a decision of usage not 
permitted is made with usage not permitted going to the card authenticating terminal (step S 1 5). 
[O025| On the other hand, in the case in which usage is pemitted (step S 1 4, Yes), the received 
mem.ber uifoniiation of the card requiring authentication and the member inforiBation from the. 
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card number are sepai-ated. and this is converted into prescribed formatted data and transj^itted 
to a prescribed card company via the card business comprehensive jietwork system, 50 (step 
SI 6), and there is a wait for aii autlientication result from the caj-d company (step SI 7). 
[0026] When an authentication result fi*om the card company is received, a judginent is made 
as to whether or not the caj'd requiring authentication is an invalid cai-d (step SI 8), aJid in the 
case in which it lias been judged to be an invalid card (step S 1 8, Yes), a usage not permitted 
detennination is made (step SI 5), and when it has been judged not to be an invalid card (step 
SlS,Mo), it is judged to be valid (step S19), and informatioB to the effect tliat authentication is to 
be performed is transmitted to tiie card authenticating terminal 10 (step S20). Note that 
processing of data such as the usage amount and payment method is the same as in ordiuaiy 
processing of credit cards and debit cards, so a description will be omitted. 
[0027] According to the embodiment described above, it is possible to validate cai'd usage only 
during tlie period when tiie user is using the card, so it is possible to prevent illegal usage of tlie 
card resulting from, for example, a counterfeit caj-d. 

10028] Note that, in the embodiment described above, in tiie case in which tlie ussv has made a 
request to change card usage peimitted/not permitted, there was direct ti-ansmission from, the 
communications tenninal 60 to the usage permitted/not permitted information storage apparatus 
40, but iTansroission to tlie card authentication terminal iO may also be performed, and 
transmission from ti>e card authentication terminal 10 to the usage pes-mitted/not pemritted 
infom-iation storage apparatus 40 via the central data processing center 20 may also be 
performed- In this case, the coimnunications terminal 60 and the card communications [sic] 
terminal 10 may be made able to cormnunicate by, for exajaple, automatically connecting using a 
wireless standard such as Bluetoo'th. 

10029] In addition, in the embodiment discussed above, the usage pemi!tt.ed/not pennitted 
iiifoitaation storage apparatus 40 was iiistalled separately from the central data processing center 
20, but it goes witliout sayhig that it may also be installed within the central data processing 
center 20. 

EFFECTS OF THE IISIVENTION 
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[0030] As described above, according to tlie present invention, aii effect is exhibited whereby 
it is posaibie to provids a card authentivation system that is able to prevent illegal usage resulting 
from forget^' to a high degree, 
BRIEF DESCRIPTION OF THE DRAWINGS 

Figiire 1 is a drawing that shows the sche:matic configaratioE of a cmd. authentication 
system relating to an embodiment of the present invention. 

Figure 2 is a drawing that shows an overk'iew of the usage peniiitted.''not permitted 
information storage apparatus of the present invention. 

Figure 3 is a drawing that shows tlie procedure, for authentication of a card authentication 
system relatmg to an embodiment of the present invention, 
DESCRIPTIO NS OF SYMBOLES 
10: Card Aiithenticating Terminal 
20; Central Data Processing Center 
30; Public ConjinsmicationsNetvv'orit 

40: Usage Ferraitted/Not Pernntted Information Storage Apparatus 
50: QAFIS 
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Aj\/SNDMENT 

Filing D ate: November 1.9, 2007 
Modificati on of Th e Entire The Claims 

CLAIMS 

Wliat is claimed is: 

1 . A card authenticatioT) system that is provided with a Eiyraiits^ of card authenticating 
terminals and a central data, processing center connected to said card auiiienticating terminals via 
a public commimications network and that performs online a.uthenti cation processiiig at tlie cai-d 
authenticating tenrnnals by accessing host computers of the respective card connpanies online 
from the centi-al data processing center via a card business comprehensive neb,¥ork system, 
comprising 

a usage pennitt:ed/not penBitted information storage apparatus by which the users of the 
respective cmds. are able to switch the validity/invalidity of said cards m advance, wherein die 
- ceiit-al data, processing center perfomis online authentication only for cards for which a usage 
permitted judgment has been made via tire nsage pemitted/nQt pennitted information storage 
apparatus. 

2. A caid autlientication system of claim 1 , wherein tlie lisage permitted/not peiinitted 
iiifonnation stora,ge apparatus receives a' card user's request for a change to usage permitted and 
validates usage for said card, 

3. A card authentication sy.stem of claim 2, vAerein a.fter tire usage permitted/not permitted 
information storage apparatus has received a card user's request for a change to usage permitted 
and has validated usage for said card, a change to usage not permitted is automatically made at a 
predetermined time. 
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4. A card authentication system of any of claims 1 to 3, wherein characterized in tiiat the . 
usage psrniitted/not permitted infonDation storage apparatus receives a card user's request to 
change to usage permitted via a user's wireless commifni cations temiinal 

5. ■ A card authentication sj'steiri of any of claims I to 3, wherein characterized in that the 
usage permitted/not permitted information storage apparatus receives a card user's request for a 
charjge to usage permitted from a user's wireless communications terminal via the card 
authenticating temiinaL 

6. A card autlientication system of any of claims 1 to 5, wherein chai-acterised in tiiat the 
usage permitted/iioi permitted infbnr.ation storage apparatus lias data regarding the respective 
cai-ds in advance and registers usage pei-mitted/not permitted for the registered cards. 

7. A card autlientication system of any of claims 1 to 5, wherein tiie usage permitted/not 
permitted information storage apparatus registers at any time only data for those of the respective 
cai'ds that are usage pennitted. 
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